onduo.com Open in urlscan Pro
35.241.32.115 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.email1.onduo.com/?qs=18519aacbfc5fd77974f401ab05298e5564c99b687abc280dcfc1a733b8b77fda7e90744a1c280e8de1426ce9f26...
Effective URL:
https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=han...
Submission: On April 18 via api (April 18th 2022, 8:38:29 pm UTC) from US — Scanned from DE

Summary HTTP 43 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 13 domains to perform 43 HTTP transactions. The main IP is 35.241.32.115, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is onduo.com. The Cisco Umbrella rank of the primary domain is 979004.
TLS certificate: Issued by GTS CA 1D4 on April 9th 2022. Valid for: 3 months.

This is the only time onduo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.196.105 13.111.196.105	22606 (EXACT-7) (EXACT-7)
5	35.241.32.115 35.241.32.115	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:830::2010	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2013	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	18.66.112.6 18.66.112.6	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	34.250.97.19 34.250.97.19	16509 (AMAZON-02) (AMAZON-02)
5	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
43	16

1 13.111.196.105 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.email1.onduo.com

click.email1.onduo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.241.32.115 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 115.32.241.35.bc.googleusercontent.com

onduo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:830::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

enroll.onduo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-6.fra56.r.cloudfront.net

t.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.250.97.19 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-97-19.eu-west-1.compute.amazonaws.com

c.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46 storage.googleapis.com — Cisco Umbrella Rank: 492	1 MB
7	onduo.com 1 redirects click.email1.onduo.com onduo.com — Cisco Umbrella Rank: 979004 enroll.onduo.com	399 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	519 B
4	contentsquare.net t.contentsquare.net — Cisco Umbrella Rank: 3781 c.contentsquare.net — Cisco Umbrella Rank: 3651	68 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 138	201 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 stats.g.doubleclick.net — Cisco Umbrella Rank: 95	2 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 104	16 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5383	548 B
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 4	1 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1430	42 KB
1	gstatic.com fonts.gstatic.com	47 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	70 KB
43	13

	Domain	Requested by
13	storage.googleapis.com	onduo.com
5	www.facebook.com	onduo.com
5	onduo.com	onduo.com
3	c.contentsquare.net	onduo.com
3	connect.facebook.net	onduo.com connect.facebook.net
3	www.google-analytics.com	onduo.com www.google-analytics.com
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.google.de	onduo.com
1	www.google.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	t.contentsquare.net	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagmanager.com	onduo.com
1	enroll.onduo.com	onduo.com
1	fonts.googleapis.com	onduo.com
1	click.email1.onduo.com	1 redirects
43	18

This site contains links to these domains. Also see Links.

Domain
enroll.onduo.com

Subject Issuer	Validity	Valid
onduo.com GTS CA 1D4	`2022-04-09` - `2022-07-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
enroll.onduo.com GTS CA 1D4	`2022-04-13` - `2022-07-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
t.contentsquare.net Amazon	`2021-11-13` - `2022-12-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-26` - `2022-04-26`	3 months	crt.sh
c.contentsquare.net Amazon	`2021-09-14` - `2022-10-13`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
Frame ID: 27458839BDE5BA0D4BEC8B70A9C4C6CE
Requests: 41 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 1DDB125845A2FC8D8826EF699C9D098E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 40A829A2D4D1B9687C95CD21D3C5F1FA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Onduo.com - Walgreens- Healthy Weight LP

Page URL History Show full URLs

https://click.email1.onduo.com/?qs=18519aacbfc5fd77974f401ab05298e5564c99b687abc280dcfc1a733b8b77fda7e90744... HTTP 302
https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Page Statistics

43
Requests

95 %
HTTPS

72 %
IPv6

13
Domains

18
Subdomains

16
IPs

4
Countries

2101 kB
Transfer

3121 kB
Size

17
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://enroll.onduo.com/
Title: Get started now

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.email1.onduo.com/?qs=18519aacbfc5fd77974f401ab05298e5564c99b687abc280dcfc1a733b8b77fda7e90744a1c280e8de1426ce9f261e4629eb865c6da0e1fa HTTP 302
https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/804620460/?random=462622164&cv=9&fst=1650314303467&num=1&rdp=1&value=0&label=lYqWCPvav4MBEKyR1v8C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4d0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fonduo.com%2Fwalgreens%2Fhw%2F%3Futm_campaign%3Dwag_ghw_v1%26utm_medium%3Demail%26utm_source%3Dv1enrollp3-ltr%26utm_content%3Dhandofflogo%26invite_code%3D4399HHV&tiba=Onduo.com%20-%20Walgreens-%20Healthy%20Weight%20LP&auid=480739497.1650314303&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=P8xdYtHdH4yG9fgPx6CCkAw&sscte=1&crd=&eitems=ChEI8Jj0kgYQ75vLxZTPzqj2ARIdAM-0LdGPC9E5ziWGVYrrXW9-iHJlsGwpHR32J7I HTTP 302
https://www.google.com/pagead/1p-conversion/804620460/?random=462622164&cv=9&fst=1650314303467&num=1&rdp=1&value=0&label=lYqWCPvav4MBEKyR1v8C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4d0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fonduo.com%2Fwalgreens%2Fhw%2F%3Futm_campaign%3Dwag_ghw_v1%26utm_medium%3Demail%26utm_source%3Dv1enrollp3-ltr%26utm_content%3Dhandofflogo%26invite_code%3D4399HHV&tiba=Onduo.com%20-%20Walgreens-%20Healthy%20Weight%20LP&auid=480739497.1650314303&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=P8xdYtHdH4yG9fgPx6CCkAw&eitems=ChEI8Jj0kgYQ75vLxZTPzqj2ARIdAM-0LdE0cnj2YzkgL_-K1LLiiOETUMktIPwXiLM&random=2625117306&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/804620460/?random=462622164&cv=9&fst=1650314303467&num=1&rdp=1&value=0&label=lYqWCPvav4MBEKyR1v8C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4d0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fonduo.com%2Fwalgreens%2Fhw%2F%3Futm_campaign%3Dwag_ghw_v1%26utm_medium%3Demail%26utm_source%3Dv1enrollp3-ltr%26utm_content%3Dhandofflogo%26invite_code%3D4399HHV&tiba=Onduo.com%20-%20Walgreens-%20Healthy%20Weight%20LP&auid=480739497.1650314303&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=P8xdYtHdH4yG9fgPx6CCkAw&eitems=ChEI8Jj0kgYQ75vLxZTPzqj2ARIdAM-0LdE0cnj2YzkgL_-K1LLiiOETUMktIPwXiLM&random=2625117306&resp=GooglemKTybQhCsO&ipr=y&prhg=0

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
onduo.com/walgreens/hw/
Redirect Chain

https://click.email1.onduo.com/?qs=18519aacbfc5fd77974f401ab05298e5564c99b687abc280dcfc1a733b8b77fda7e90744a1c280e8de1426ce9f261e4629eb865c6da0e1fa
https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV

29 KB
9 KB

1091ms
986ms

Document
text/html

35.241.32.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.241.32.115 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

115.32.241.35.bc.googleusercontent.com

Software

nginx/1.21.3 / Craft CMS SEOmatic

Resource Hash

13c7196dbcfca749aa87891e3db3cbe104ef2373a7bddcd3b60a996d5a2fa0f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 18 Apr 2022 20:38:22 GMT
referrer-policy: no-referrer-when-downgrade no-referrer-when-downgrade
server: nginx/1.21.3
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: Craft CMS SEOmatic
x-robots-tag: noindex
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 275
Content-Type: text/html; charset=utf-8
Date: Mon, 18 Apr 2022 20:38:21 GMT
Location: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 127ms
46ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:400,500,500i,600,700,800&display=swap

Requested by

Host: onduo.com
URL: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c916577c26045d0c6e81eff07f08e29f66e3bfaf1c2c87f37649191a6a542604

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 20:38:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 18 Apr 2022 20:38:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Apr 2022 20:38:22 GMT

GET
H2 200 global.css
onduo.com/assets/css/ 148 KB
148 KB 132ms
131ms Stylesheet
text/css 35.241.32.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://onduo.com/assets/css/global.css?cb=20210510v1

Requested by

Host: onduo.com
URL: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.241.32.115 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

115.32.241.35.bc.googleusercontent.com

Software

nginx/1.21.3 /

Resource Hash

a95cfe57ba0399e853385ee91c686febf20790fa6a83c32de5bbc64a4def502c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:38:22 GMT
via: 1.1 google
last-modified: Fri, 01 Apr 2022 14:52:09 GMT
server: nginx/1.21.3
etag: "62471199-25067"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 151655

GET
H2 200 Onduo_Walgreens.png
storage.googleapis.com/onduo-craft-cms-assets/images/mod/header-with-partner-images/_partnerHeader1x/ 10 KB
10 KB 622ms
521ms Image
image/png 2a00:1450:4001:830::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/onduo-craft-cms-assets/images/mod/header-with-partner-images/_partnerHeader1x/Onduo_Walgreens.png
Requested by: Host: onduo.com
URL: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 5f2c266db7472dea7e65699d55c24c640d766912ed35a22caef10e7e86f8ad37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:38:23 GMT
x-guploader-uploadid: ADPycdt_lb8e2xBKHU3A5hcAUoRjp10u-t3AeLwk2zetMtmQV5Gdc7Eci97MO0BLWRT6_VG2eTl0MI8bmF0EvL8AXGt_bQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10331
last-modified: Thu, 23 Sep 2021 16:20:00 GMT
server: UploadServer
etag: "c21b286619fd77251cf107613cd03a55"
x-goog-hash: crc32c=E2mpwA==, md5=whsoZhn9dyUc8QdhPNA6VQ==
x-goog-generation: 1632414000049458
cache-control: public, max-age=3600
x-goog-stored-content-length: 10331
accept-ranges: bytes
content-type: image/png
expires: Mon, 18 Apr 2022 21:38:23 GMT

GET
H3 200 app.js Show response
onduo.com/assets/js/ 239 KB
239 KB 133ms
133ms Script
application/javascript 35.241.32.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://onduo.com/assets/js/app.js?cb=20210510v1

Requested by

Host: onduo.com
URL: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV

Protocol

Security

QUIC, , AES_128_GCM

Server

35.241.32.115 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

115.32.241.35.bc.googleusercontent.com

Software

nginx/1.21.3 /

Resource Hash

3b701ff65decb720c9db6b7dbba15dcdf6f42276070903b3af87bc2a14082730

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:38:23 GMT
via: 1.1 google
last-modified: Fri, 01 Apr 2022 14:52:09 GMT
server: nginx/1.21.3
etag: "62471199-3bc97"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 244887

GET
H2 200 mrk.png
enroll.onduo.com/ 150 B
406 B 483ms
331ms Image
image/png 2a00:1450:4001:812::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enroll.onduo.com/mrk.png?utm_source=v1enrollp3-ltr&utm_medium=email&utm_campaign=wag_ghw_v1&utm_content=handofflogo&invite_code=4399HHV&landing_page=https%3A%2F%2Fonduo.com%2Fwalgreens%2Fhw%2F%3Futm_campaign%3Dwag_ghw_v1%26utm_medium%3Demail%26utm_source%3Dv1enrollp3-ltr%26utm_content%3Dhandofflogo%26invite_code%3D4399HHV

Requested by

Host: onduo.com
URL: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

4e3bb6949163fa1a5e8873c6ca9ef084aa795a604b111e432b7de4075ab27d01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: Google Frontend
date: Mon, 18 Apr 2022 20:38:23 GMT
content-type: image/png
x-cloud-trace-context: b97fefe93b3b3c53ee23e130f328c1cb;o=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 150
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 120ms
36ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: onduo.com
URL: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3813
date: Mon, 18 Apr 2022 19:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 18 Apr 2022 21:34:50 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 195 KB
70 KB 147ms
61ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NDRL4XM

Requested by

Host: onduo.com
URL: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0c520f197136d05f38a31a49286c4c18e8e48e6e052f192dd4c0c50f6e5afffb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:38:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70695
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 18 Apr 2022 20:38:23 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v26/ 46 KB
47 KB 127ms
40ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v26/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,500,500i,600,700,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://onduo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 06:13:05 GMT
x-content-type-options: nosniff
age: 570318
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47312
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:15:33 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 12 Apr 2023 06:13:05 GMT

GET
H2 200 T2D_Carousel_Hero_Image_4_VirtualClinic_994x994.jpg
storage.googleapis.com/onduo-craft-cms-assets/images/mod/key-features/desktop/_modKeyFeatures1x/ 35 KB
35 KB 583ms
512ms Image
image/jpeg 2a00:1450:4001:830::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/onduo-craft-cms-assets/images/mod/key-features/desktop/_modKeyFeatures1x/T2D_Carousel_Hero_Image_4_VirtualClinic_994x994.jpg
Requested by: Host: onduo.com
URL: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c35edbcc98bc35da8a5820f21e495d6bca2d08637d6d08985d98b2e9897353eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:38:23 GMT
x-guploader-uploadid: ADPycdvBZLvuriaPXnNFMufv-EG8VKZAaxzm0EiRVB5ANCSqUH_lPIH3Ep8PI74aie3GsmNnPM8vP5XgsAJLpr_TGzji8g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35756
last-modified: Tue, 27 Apr 2021 02:24:51 GMT
server: UploadServer
etag: "0364a7c1adeb3b84d9323161f1ef5ffe"
x-goog-hash: crc32c=ghQIxQ==, md5=A2Snwa3rO4TZMjFh8e9f/g==
x-goog-generation: 1619490291409735
cache-control: public, max-age=3600
x-goog-stored-content-length: 35756
accept-ranges: bytes
content-type: image/jpeg
expires: Mon, 18 Apr 2022 21:38:23 GMT

GET
H2 200 GM_App.png
storage.googleapis.com/onduo-craft-cms-assets/images/mod/key-features/desktop/_modKeyFeatures1x/ 93 KB
93 KB 432ms
361ms Image
image/png 2a00:1450:4001:830::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/onduo-craft-cms-assets/images/mod/key-features/desktop/_modKeyFeatures1x/GM_App.png
Requested by: Host: onduo.com
URL: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 09a7fc0e34080991f4b79af974d6326d62e2b4add7c3a817a7d5366434d8277a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:38:23 GMT
x-guploader-uploadid: ADPycdvqa6FmYGEcRcF0hB6osmwD-ibjL_scEmZzJks8IopCCPnJem81NzO9U_wi7nqOrzp6_hWdVz3JRtVff19b7n9cyw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95132
last-modified: Fri, 24 Sep 2021 20:39:21 GMT
server: UploadServer
etag: "de9c7c8c24b242a8a5d4cf9390ed9f6c"
x-goog-hash: crc32c=YKyc1g==, md5=3px8jCSyQqil1M+TkO2fbA==
x-goog-generation: 1632515961558448
cache-control: public, max-age=3600
x-goog-stored-content-length: 95132
accept-ranges: bytes
content-type: image/png
expires: Mon, 18 Apr 2022 21:38:23 GMT

GET
H2 200 Connected_Scale.png
storage.googleapis.com/onduo-craft-cms-assets/images/mod/key-features/desktop/_modKeyFeatures1x/ 30 KB
31 KB 587ms
517ms Image
image/png 2a00:1450:4001:830::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/onduo-craft-cms-assets/images/mod/key-features/desktop/_modKeyFeatures1x/Connected_Scale.png
Requested by: Host: onduo.com
URL: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4108f443e7b36f72f33f986a5eb3718f4dd5c646eec24cc138e10764731c1b8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:38:23 GMT
x-guploader-uploadid: ADPycduXNxhZFyz2y3ULDLdegC8LNaerw_xBqkfawhUXHcEJwEE7FLlLw-redkMuwEMb_zU18myy14kQwjSEVWzkHFQpzw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31218
last-modified: Fri, 24 Sep 2021 20:39:24 GMT
server: UploadServer
etag: "bef1cacd254ca48de5aa6f0f551708a6"
x-goog-hash: crc32c=cpesoQ==, md5=vvHKzSVMpI3lqm8PVRcIpg==
x-goog-generation: 1632515964256952
cache-control: public, max-age=3600
x-goog-stored-content-length: 31218
accept-ranges: bytes
content-type: image/png
expires: Mon, 18 Apr 2022 21:38:23 GMT

GET
H2 200 Challenges.png
storage.googleapis.com/onduo-craft-cms-assets/images/mod/key-features/desktop/_modKeyFeatures1x/ 360 KB
361 KB 517ms
446ms Image
image/png 2a00:1450:4001:830::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/onduo-craft-cms-assets/images/mod/key-features/desktop/_modKeyFeatures1x/Challenges.png
Requested by: Host: onduo.com
URL: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d1cb185f7ae6cd474998395723b69f2b95208715137e5f0c15d78eb224683f0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:38:23 GMT
x-guploader-uploadid: ADPycdsJ9Oir1kA8c3Xnnc2YbwfZX5mqnxjWVdVgCYgNi_XFniypFC5y3MqesTUvlnobVXxh8NUYZKFP4_vhXY4qiH-J2A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 369112
last-modified: Mon, 14 Feb 2022 18:41:06 GMT
server: UploadServer
etag: "8e8c5c09e1ef86e0b5e0cd6a7ab4b2a4"
x-goog-hash: crc32c=n9i7GQ==, md5=joxcCeHvhuC14M1qerSypA==
x-goog-generation: 1644864066047351
cache-control: public, max-age=3600
x-goog-stored-content-length: 369112
accept-ranges: bytes
content-type: image/png
expires: Mon, 18 Apr 2022 21:38:23 GMT

GET
H2 200 coach.svg
storage.googleapis.com/onduo-craft-cms-assets/images/mod/key-features/icon/ 3 KB
3 KB 515ms
445ms Image
image/svg+xml 2a00:1450:4001:830::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/onduo-craft-cms-assets/images/mod/key-features/icon/coach.svg
Requested by: Host: onduo.com
URL: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a43a3ef1ce8611d443e8bd28ab562387ee89fd6d09dcf1d5493645882b522baa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:38:23 GMT
x-guploader-uploadid: ADPycduIDr0S2h0tKc2z1qr2yx_Dooe5GVL4nSjSYpGiz8PYCI9NgBQaOMJORTi9GCP_ABnr_LtrgF7Uvfa-6IhhX5k7Iw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
last-modified: Fri, 24 Sep 2021 20:35:41 GMT
server: UploadServer
etag: "65fffd96746c42f7e7d816bad9e763c3"
x-goog-hash: crc32c=68zSmw==, md5=Zf/9lnRsQvfn2Ba62edjww==
x-goog-generation: 1632515741953461
cache-control: public, max-age=3600
x-goog-stored-content-length: 2786
accept-ranges: bytes
content-type: image/svg+xml
expires: Mon, 18 Apr 2022 21:38:23 GMT

GET
H2 200 illy_telcare_connected.svg
storage.googleapis.com/onduo-craft-cms-assets/images/mod/key-features/icon/ 2 KB
3 KB 412ms
359ms Image
image/svg+xml 2a00:1450:4001:830::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/onduo-craft-cms-assets/images/mod/key-features/icon/illy_telcare_connected.svg
Requested by: Host: onduo.com
URL: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 496ceae901f430ddf36eddd528b0de15bedb0a914debe0b4761521414dee1d5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:38:23 GMT
x-guploader-uploadid: ADPycdukyoU_M_S2GSSFMasiKTpkCWgqUpQi5W7RT0ioQ2qHdXX5cCWaAfykB6Y56FXM-WGTzAyAQnez_BpTq9CQcHojTw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2397
last-modified: Fri, 24 Sep 2021 20:36:20 GMT
server: UploadServer
etag: "fa5b71b8b52934cae90cffe0d319ebc9"
x-goog-hash: crc32c=Z5yfMQ==, md5=+ltxuLUpNMrpDP/g0xnryQ==
x-goog-generation: 1632515780890976
cache-control: public, max-age=3600
x-goog-stored-content-length: 2397
accept-ranges: bytes
content-type: image/svg+xml
expires: Mon, 18 Apr 2022 21:38:23 GMT

GET
H2 200 Icon_3_ScaleDevice_V2.svg
storage.googleapis.com/onduo-craft-cms-assets/images/mod/key-features/icon/ 1 KB
2 KB 209ms
156ms Image
image/svg+xml 2a00:1450:4001:830::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/onduo-craft-cms-assets/images/mod/key-features/icon/Icon_3_ScaleDevice_V2.svg
Requested by: Host: onduo.com
URL: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 14da3aa3057b3bec626322d325fa163928a6e98cd15e0b3cecb768d5ae6d6a0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:38:23 GMT
age: 0
x-guploader-uploadid: ADPycdtrt9AsoCcXjD80Rkl94tmKrDx7MupYTGxotbk36Wq3itKCzAfSjZ1SCSamLuvO_O-jzugZKSY26LBiyc7cdXJNXg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1104
last-modified: Tue, 27 Apr 2021 18:12:56 GMT
server: UploadServer
etag: "889e8e6ba7a1de857cc075ea4edc33ef"
x-goog-hash: crc32c=vIcTxA==, md5=iJ6Oa6eh3oV8wHXqTtwz7w==
x-goog-generation: 1619547176170655
cache-control: public, max-age=3600
x-goog-stored-content-length: 1104
accept-ranges: bytes
content-type: image/svg+xml
expires: Mon, 18 Apr 2022 21:38:23 GMT

GET
H3 200 light-blue-wave.svg
onduo.com/assets/svg/ 779 B
797 B 135ms
134ms Image
image/svg+xml 35.241.32.115
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onduo.com/assets/svg/light-blue-wave.svg

Requested by

Host: onduo.com
URL: https://onduo.com/assets/css/global.css?cb=20210510v1

Protocol

Security

QUIC, , AES_128_GCM

Server

35.241.32.115 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

115.32.241.35.bc.googleusercontent.com

Software

nginx/1.21.3 /

Resource Hash

ca000bc536e7cf67a59f379ddd1d454e93e23a99183edf903d732d2a27037633

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onduo.com/assets/css/global.css?cb=20210510v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:38:23 GMT
via: 1.1 google
last-modified: Fri, 01 Apr 2022 14:52:09 GMT
server: nginx/1.21.3
etag: "62471199-30b"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 779

GET
H3 200 link-arrow.svg
onduo.com/assets/svg/ 483 B
501 B 133ms
133ms Image
image/svg+xml 35.241.32.115
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onduo.com/assets/svg/link-arrow.svg

Requested by

Host: onduo.com
URL: https://onduo.com/assets/css/global.css?cb=20210510v1

Protocol

Security

QUIC, , AES_128_GCM

Server

35.241.32.115 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

115.32.241.35.bc.googleusercontent.com

Software

nginx/1.21.3 /

Resource Hash

3800e69f5fda05c0f651a9449ea8e87db953efebc328966b3b38114c8b7b9fe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onduo.com/assets/css/global.css?cb=20210510v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:38:23 GMT
via: 1.1 google
last-modified: Fri, 01 Apr 2022 14:52:09 GMT
server: nginx/1.21.3
etag: "62471199-1e3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 483

GET
H2 200 Icon_3_Resources_V2_2021-04-27-041142.svg
storage.googleapis.com/onduo-craft-cms-assets/images/mod/key-features/icon/ 68 KB
69 KB 516ms
515ms Image
image/svg+xml 2a00:1450:4001:830::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/onduo-craft-cms-assets/images/mod/key-features/icon/Icon_3_Resources_V2_2021-04-27-041142.svg
Requested by: Host: onduo.com
URL: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1c9438de18148ce0f4e06357692839cd8131002d92070fa3d31b804920bb2e6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:38:23 GMT
x-guploader-uploadid: ADPycdtmfMp1-W9ChSmuH72knnsadJu7afXbESrHxOMeH_C5gNoTcKFuuU3QoeLGPVRT_VLzh_jdZfekkjEhcNL67wAEXA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69998
last-modified: Tue, 27 Apr 2021 04:11:42 GMT
server: UploadServer
etag: "c13dd4c4d9fed504c4f49c122d85a5d2"
x-goog-hash: crc32c=O8A3WA==, md5=wT3UxNn+1QTE9JwSLYWl0g==
x-goog-generation: 1619496702967725
cache-control: public, max-age=3600
x-goog-stored-content-length: 69998
accept-ranges: bytes
content-type: image/svg+xml
expires: Mon, 18 Apr 2022 21:38:23 GMT

GET
H2 200 CIRCLE_1.jpg
storage.googleapis.com/onduo-craft-cms-assets/images/mod/two-col-content-list/_mod2ColumnContentList1x/ 437 B
692 B 514ms
514ms Image
image/jpeg 2a00:1450:4001:830::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/onduo-craft-cms-assets/images/mod/two-col-content-list/_mod2ColumnContentList1x/CIRCLE_1.jpg
Requested by: Host: onduo.com
URL: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4762f1f0ea9cc5436acaf430bb5283177dff86c5d2f246725650cb8e52175e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:38:23 GMT
x-guploader-uploadid: ADPycdtyzegIb0VH64Vbht6IGuvJZ4l6AAcE0UnmranpOD4s4NHs_0kTvNHfvYpcxLHGUTz5s1v0Gq48OUlEpsbhv2blug
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 437
last-modified: Wed, 01 Sep 2021 20:15:52 GMT
server: UploadServer
etag: "0a708915bf495f1dd90ac7120e6c2919"
x-goog-hash: crc32c=mtRXQA==, md5=CnCJFb9JXx3ZCscSDmwpGQ==
x-goog-generation: 1630527352523769
cache-control: public, max-age=3600
x-goog-stored-content-length: 437
accept-ranges: bytes
content-type: image/jpeg
expires: Mon, 18 Apr 2022 21:38:23 GMT

GET
H2 200 Circle_2.jpg
storage.googleapis.com/onduo-craft-cms-assets/images/mod/two-col-content-list/_mod2ColumnContentList1x/ 476 B
731 B 515ms
514ms Image
image/jpeg 2a00:1450:4001:830::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/onduo-craft-cms-assets/images/mod/two-col-content-list/_mod2ColumnContentList1x/Circle_2.jpg
Requested by: Host: onduo.com
URL: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 43e9c53afdec1563696a8a523e1ae5e81dcec9d10ce3deb71fe4d5f1bcc65a35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:38:23 GMT
x-guploader-uploadid: ADPycdug5-z3TJhqV8X2KJ4W86i_LJmCYW4PusPB5KXMtNBVq6YG8HwX3x-1yv2oImmnnOceqEX8PcTANQN1Di9AulmbUw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 476
last-modified: Wed, 01 Sep 2021 20:18:05 GMT
server: UploadServer
etag: "86ee1a134475e0d742d38ce2ab5b4705"
x-goog-hash: crc32c=/sUw5A==, md5=hu4aE0R14NdC04ziq1tHBQ==
x-goog-generation: 1630527485822294
cache-control: public, max-age=3600
x-goog-stored-content-length: 476
accept-ranges: bytes
content-type: image/jpeg
expires: Mon, 18 Apr 2022 21:38:23 GMT

GET
H2 200 Circle_3.jpg
storage.googleapis.com/onduo-craft-cms-assets/images/mod/two-col-content-list/_mod2ColumnContentList1x/ 477 B
765 B 3100ms
3100ms Image
image/jpeg 2a00:1450:4001:830::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/onduo-craft-cms-assets/images/mod/two-col-content-list/_mod2ColumnContentList1x/Circle_3.jpg
Requested by: Host: onduo.com
URL: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e8c52ed2f526e796a6f5d69997fa718f78e7cf3ec51d763d8dc52b3aa1c6d695

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:38:26 GMT
x-guploader-uploadid: ADPycdvddq-tPlYEoqNM57TjeP2_yrQcIgXZzOcHCDatl5Xnh-Ybg9Yjt5_jDdTYyukGuQiK_RBI1tEuwr32MPP3lxIcCA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 477
last-modified: Wed, 01 Sep 2021 20:19:03 GMT
server: UploadServer
etag: "ba6430b4034de1292cf2d838fa28f6f5"
x-goog-hash: crc32c=+X3ZFQ==, md5=umQwtANN4Sks8tg4+ij29Q==
x-goog-generation: 1630527543382847
cache-control: public, max-age=3600
x-goog-stored-content-length: 477
accept-ranges: bytes
content-type: image/jpeg
expires: Mon, 18 Apr 2022 21:38:26 GMT

GET
H2 200 shutterstock_1784456396-1-1_2021-09-22-184936.png
storage.googleapis.com/onduo-craft-cms-assets/images/mod/master-headline-images/_modMasterHeadlineImages1x/ 627 KB
628 KB 444ms
444ms Image
image/png 2a00:1450:4001:830::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/onduo-craft-cms-assets/images/mod/master-headline-images/_modMasterHeadlineImages1x/shutterstock_1784456396-1-1_2021-09-22-184936.png
Requested by: Host: onduo.com
URL: https://onduo.com/assets/js/app.js?cb=20210510v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8991a1f4a7d9a781528c5c63a9b68ce7d68ad781bec0db8f3811b0e9de8f6f47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:38:23 GMT
x-guploader-uploadid: ADPycdtf4d_WMwdHevqUsoFyDMm25EL3eAY4njGXi1Lg31xYOQZFbn5AGZDrH8ovslIkvT9XDO_TcAGgFecjReosg9iiXA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 642486
last-modified: Wed, 22 Sep 2021 18:50:44 GMT
server: UploadServer
etag: "2ef38373018efa2576102c10d6f98ba2"
x-goog-hash: crc32c=C16wfg==, md5=LvODcwGO+iV2ECwQ1vmLog==
x-goog-generation: 1632336644518992
cache-control: public, max-age=3600
x-goog-stored-content-length: 642486
accept-ranges: bytes
content-type: image/png
expires: Mon, 18 Apr 2022 21:38:23 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 115 KB
42 KB 157ms
57ms Script
application/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-5WRNM4G

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDRL4XM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e7f80d5895725644333033e60cdf5e4cf51301d95fd741a6f456ef004526540b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:38:23 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42245
x-xss-protection: 0
expires: Mon, 18 Apr 2022 20:38:23 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 117ms
45ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDRL4XM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

b9dff679ff9931afbbb8019d522a7d03d7787a7d7818037d48f3a502c652e2b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:38:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14892
x-xss-protection: 0
server: cafe
etag: 4605403730725282575
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 20:38:23 GMT

GET
H2 200 d1daba2e2f02d.js Show response
t.contentsquare.net/uxa/ 294 KB
67 KB 35ms
8ms Script
application/javascript 18.66.112.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.contentsquare.net/uxa/d1daba2e2f02d.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDRL4XM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a0d732b0e898013bd9cf1145ba16c33f00060afab45a7d9ea7329beb0d25fac6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 17 Apr 2022 15:22:36 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 14:33:51 GMT
server: AmazonS3
age: 105348
etag: "3d99c76e84cd2ce201b98c92cfbf2b75"
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
via: 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 67797
x-amz-cf-id: gJzks2rD1CFX2_YBIzr6JMSSqUPTGHKwz2CAUOiWGImZSR7e3uY0Mw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 26ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: onduo.com
URL: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: rXv13K7VKRiuIAYF0/m7McLK4L4VBxeN7ws20jl9wXTJiejwoGnY3tt/4hd95JwWALcCOjwcLt6cYg5M4KVdtA==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Mon, 18 Apr 2022 20:38:23 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 159276564680858 Show response
connect.facebook.net/signals/config/ 308 KB
88 KB 76ms
67ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/159276564680858?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

50762aef9b1cb18bf4a55c4c6b9a7c80627d2b8221673448dbfd1007cdbb1723

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: vrHc05eWetQ1ujjNBommAgds0TB9Do8dzObETuBZESyqlZC8xIcycCpQFqIBFge7KgZz77FQgObH6cc+/mFjeA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 18 Apr 2022 20:38:23 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 pageview
c.contentsquare.net/ 0
320 B 96ms
28ms Image
text/plain 34.250.97.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageview?pid=11232&uu=3a3937f4-036a-ae29-b653-d02cb1fd41d7&sn=1&lv=1650314303&lhd=1650314303&hd=1650314303&pn=1&dw=1600&dh=3047&ww=1600&wh=1200&sw=1600&sh=1200&dr=&url=https%3A%2F%2Fonduo.com%2Fwalgreens%2Fhw%2F%3Futm_campaign%3Dwag_ghw_v1%26utm_medium%3Demail%26utm_source%3Dv1enrollp3-ltr%26utm_content%3Dhandofflogo%26invite_code%3D4399HHV&uc=1&la=en-US&v=11.19.4&r=489128
Requested by: Host: onduo.com
URL: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.97.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-97-19.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 20:38:23 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
BLOB 200
OK 9adb24df-a1e8-4494-b4e6-eccca314e63b
https://onduo.com/ 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://onduo.com/9adb24df-a1e8-4494-b4e6-eccca314e63b
Requested by: Host: onduo.com
URL: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10dfb21244c78df328ae9cff5429f822f5244e8d90c1efe5c26cc851d7a12f24

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length: 6483
Content-Type: application/javascript

GET
H2 204 dvar
c.contentsquare.net/ 0
319 B 83ms
29ms Image
text/plain 34.250.97.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/dvar?v=11.19.4&pid=11232&uu=3a3937f4-036a-ae29-b653-d02cb1fd41d7&sn=1&pn=1&dv=N4IgsgpgJglgrgWxALhBBBDGAbEAaEAZQHs4AnAYwhRADcBGCAOzOO2wAcBmAWmwBcy%2BEAGEMCDlgDmTGgHcMUgPpSAFnKUMQAXyAA%3D%3D&r=500201
Requested by: Host: onduo.com
URL: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.97.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-97-19.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 20:38:23 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/804620460/ 2 KB
1 KB 106ms
63ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/804620460/?random=1650314303467&cv=9&fst=1650314303467&num=1&rdp=1&value=0&label=lYqWCPvav4MBEKyR1v8C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4d0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fonduo.com%2Fwalgreens%2Fhw%2F%3Futm_campaign%3Dwag_ghw_v1%26utm_medium%3Demail%26utm_source%3Dv1enrollp3-ltr%26utm_content%3Dhandofflogo%26invite_code%3D4399HHV&tiba=Onduo.com%20-%20Walgreens-%20Healthy%20Weight%20LP&auid=480739497.1650314303&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

6c38ec22b195c357fc4a9db3b2c54586b9ef5020d074151053453533db427d94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 20:38:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1312
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 2031362660518336 Show response
connect.facebook.net/signals/config/ 308 KB
88 KB 53ms
52ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2031362660518336?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cd0917314aa357b3fff17199ff7c3403b504e01a0941dc797065fa691b70240e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: ojOIPwH75Lj8XQFzFSMzOutnlaAwc1JLNSg1l81vvzURlbEp+QYSYG6QSCBpdh5MWzEUBTLfu8itLJYsHqXd6g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 18 Apr 2022 20:38:23 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 25ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=159276564680858&ev=PageView&dl=https%3A%2F%2Fonduo.com%2Fwalgreens%2Fhw%2F%3Futm_campaign%3Dwag_ghw_v1%26utm_medium%3Demail%26utm_source%3Dv1enrollp3-ltr%26utm_content%3Dhandofflogo%26invite_code%3D_removed_%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%255D%252C%2522sensitiveParams%2522%253A%255B%2522cf3972f6e4db695fde8b01665552831662720abdd93dc3651bbf03aff5b699e3%2522%255D%257D&rl=&if=false&ts=1650314303498&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1650314303490.1341828733&it=1650314303384&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=p1&rqm=GET

Requested by

Host: onduo.com
URL: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:38:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 18 Apr 2022 20:38:23 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 25ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=159276564680858&ev=CompleteRegistration&dl=https%3A%2F%2Fonduo.com%2Fwalgreens%2Fhw%2F%3Futm_campaign%3Dwag_ghw_v1%26utm_medium%3Demail%26utm_source%3Dv1enrollp3-ltr%26utm_content%3Dhandofflogo%26invite_code%3D_removed_%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%255D%252C%2522sensitiveParams%2522%253A%255B%2522cf3972f6e4db695fde8b01665552831662720abdd93dc3651bbf03aff5b699e3%2522%255D%257D&rl=&if=false&ts=1650314303501&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1650314303490.1341828733&it=1650314303384&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=p1&rqm=GET

Requested by

Host: onduo.com
URL: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:38:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 18 Apr 2022 20:38:23 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 93ms
46ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=211654041&t=event&ni=1&_s=1&dl=https%3A%2F%2Fonduo.com%2Fwalgreens%2Fhw%2F%3Futm_campaign%3Dwag_ghw_v1%26utm_medium%3Demail%26utm_source%3Dv1enrollp3-ltr%26utm_content%3Dhandofflogo%26invite_code%3D4399HHV&ul=en-us&de=UTF-8&dt=Onduo.com%20-%20Walgreens-%20Healthy%20Weight%20LP&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=%2Fwalgreens%2Fhw%2F&ea=Scroll%20Tracking&el=25%25&_u=aEDAAEABQAAAAC~&jid=1402934504&gjid=576296048&cid=717087524.1650314303&tid=UA-83987501-1&_gid=1790427501.1650314303&_r=1&gtm=2wg4d0NDRL4XM&z=132168310

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 20:38:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://onduo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 80ms
39ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=211654041&t=pageview&_s=1&dl=https%3A%2F%2Fonduo.com%2Fwalgreens%2Fhw%2F%3Futm_campaign%3Dwag_ghw_v1%26utm_medium%3Demail%26utm_source%3Dv1enrollp3-ltr%26utm_content%3Dhandofflogo%26invite_code%3D4399HHV&ul=en-us&de=UTF-8&dt=Onduo.com%20-%20Walgreens-%20Healthy%20Weight%20LP&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABQAAAAC~&jid=&gjid=&cid=717087524.1650314303&tid=UA-83987501-1&_gid=1790427501.1650314303&gtm=2wg4d0NDRL4XM&cd1=0.4904821474927945_1650314303567&z=664044444

Requested by

Host: onduo.com
URL: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 01:06:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 70329
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 dvar
c.contentsquare.net/ 0
319 B 29ms
29ms Image
text/plain 34.250.97.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/dvar?v=11.19.4&pid=11232&uu=3a3937f4-036a-ae29-b653-d02cb1fd41d7&sn=1&pn=1&dv=N4IgxgzgsghgLmAFgSwHYHMDSBTAniALhAAYA6AFgE5jyAOAJgEZyB2K%2Bly8gVgH1GAbN2IBmZiNHcBLEAF8gA%3D%3D&r=676507
Requested by: Host: onduo.com
URL: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.97.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-97-19.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 20:38:23 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/804620460/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/804620460/?random=462622164&cv=9&fst=1650314303467&num=1&rdp=1&value=0&label=lYqWCPvav4MBEKyR1v8C&bg=ffffff&guid=ON&resp=GooglemKTyb...
https://www.google.com/pagead/1p-conversion/804620460/?random=462622164&cv=9&fst=1650314303467&num=1&rdp=1&value=0&label=lYqWCPvav4MBEKyR1v8C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=16...
https://www.google.de/pagead/1p-conversion/804620460/?random=462622164&cv=9&fst=1650314303467&num=1&rdp=1&value=0&label=lYqWCPvav4MBEKyR1v8C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=160...

42 B
548 B

140ms
56ms

Image
image/gif

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/804620460/?random=462622164&cv=9&fst=1650314303467&num=1&rdp=1&value=0&label=lYqWCPvav4MBEKyR1v8C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4d0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fonduo.com%2Fwalgreens%2Fhw%2F%3Futm_campaign%3Dwag_ghw_v1%26utm_medium%3Demail%26utm_source%3Dv1enrollp3-ltr%26utm_content%3Dhandofflogo%26invite_code%3D4399HHV&tiba=Onduo.com%20-%20Walgreens-%20Healthy%20Weight%20LP&auid=480739497.1650314303&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=P8xdYtHdH4yG9fgPx6CCkAw&eitems=ChEI8Jj0kgYQ75vLxZTPzqj2ARIdAM-0LdE0cnj2YzkgL_-K1LLiiOETUMktIPwXiLM&random=2625117306&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Host: onduo.com
URL: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 20:38:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Apr 2022 20:38:23 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/804620460/?random=462622164&cv=9&fst=1650314303467&num=1&rdp=1&value=0&label=lYqWCPvav4MBEKyR1v8C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4d0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fonduo.com%2Fwalgreens%2Fhw%2F%3Futm_campaign%3Dwag_ghw_v1%26utm_medium%3Demail%26utm_source%3Dv1enrollp3-ltr%26utm_content%3Dhandofflogo%26invite_code%3D4399HHV&tiba=Onduo.com%20-%20Walgreens-%20Healthy%20Weight%20LP&auid=480739497.1650314303&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=P8xdYtHdH4yG9fgPx6CCkAw&eitems=ChEI8Jj0kgYQ75vLxZTPzqj2ARIdAM-0LdE0cnj2YzkgL_-K1LLiiOETUMktIPwXiLM&random=2625117306&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 17ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2031362660518336&ev=PageView&dl=https%3A%2F%2Fonduo.com%2Fwalgreens%2Fhw%2F%3Futm_campaign%3Dwag_ghw_v1%26utm_medium%3Demail%26utm_source%3Dv1enrollp3-ltr%26utm_content%3Dhandofflogo%26invite_code%3D4399HHV%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%255D%252C%2522sensitiveParams%2522%253A%255B%255D%257D&rl=&if=false&ts=1650314303590&sw=1600&sh=1200&v=2.9.57&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1650314303490.1341828733&it=1650314303384&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=p1&rqm=GET

Requested by

Host: onduo.com
URL: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:38:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 18 Apr 2022 20:38:23 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
434 B 57ms
18ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-83987501-1&cid=717087524.1650314303&jid=1402934504&gjid=576296048&_gid=1790427501.1650314303&_u=aEDAAEAAQAAAAC~&z=1748400947

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 18 Apr 2022 20:38:23 GMT
content-type: text/plain
access-control-allow-origin: https://onduo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 1DDB 0
15 B 8ms
7ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://onduo.com
Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://onduo.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 18 Apr 2022 20:38:24 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 40A8 0
15 B 8ms
7ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://onduo.com
Referer: https://onduo.com/walgreens/hw/?utm_campaign=wag_ghw_v1&utm_medium=email&utm_source=v1enrollp3-ltr&utm_content=handofflogo&invite_code=4399HHV
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://onduo.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 18 Apr 2022 20:38:24 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.onduo.com/	1970-01-20 03:08:26	Name: PLAN_ID Value: walgreens
.onduo.com/	1970-01-20 03:08:26	Name: PLAN_SUBDIVISION Value: gmhw
.onduo.com/	1970-01-20 03:08:26	Name: PROGRAM_SOURCE Value: gmhw
.onduo.com/	1970-01-20 03:08:26	Name: Cabbage Value: 1
.onduo.com/	1970-01-20 03:08:26	Name: invite_code Value: 4399HHV
.onduo.com/	1970-01-20 19:56:26	Name: _ga Value: GA1.2.717087524.1650314303
.onduo.com/	1970-01-20 02:26:40	Name: _gid Value: GA1.2.1790427501.1650314303
.onduo.com/	1970-01-20 04:34:50	Name: _gcl_au Value: 1.1.480739497.1650314303
.onduo.com/	1970-01-20 11:54:38	Name: _cs_c Value: 1
.onduo.com/	1970-01-20 11:54:38	Name: _cs_id Value: 3a3937f4-036a-ae29-b653-d02cb1fd41d7.1650314303.1.1650314303.1650314303.1.1684478303444
.onduo.com/	1970-01-20 02:25:16	Name: _cs_s Value: 1.0.0.1650316103445
.onduo.com/	1970-01-20 04:34:50	Name: _fbp Value: fb.1.1650314303490.1341828733
.onduo.com/	1970-01-20 02:26:40	Name: _opt_utmc Value: wag_ghw_v1
.onduo.com/	1970-01-20 02:25:14	Name: _gat_UA-83987501-1 Value: 1
.onduo.com/	1970-01-20 02:25:16	Name: _cs_mk_ga Value: 0.4904821474927945_1650314303567
enroll.onduo.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: Xvtyq5K7weMr8NQvHpj6hQ
.doubleclick.net/	1970-01-20 02:25:15	Name: test_cookie Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.contentsquare.net
click.email1.onduo.com
connect.facebook.net
enroll.onduo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
onduo.com
stats.g.doubleclick.net
storage.googleapis.com
t.contentsquare.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
13.111.196.105
142.250.181.226
18.66.112.6
2a00:1450:4001:801::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::2013
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2010
2a00:1450:4001:831::2004
2a00:1450:400c:c00::9c
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.250.97.19
35.241.32.115
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
09a7fc0e34080991f4b79af974d6326d62e2b4add7c3a817a7d5366434d8277a
0c520f197136d05f38a31a49286c4c18e8e48e6e052f192dd4c0c50f6e5afffb
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10dfb21244c78df328ae9cff5429f822f5244e8d90c1efe5c26cc851d7a12f24
13c7196dbcfca749aa87891e3db3cbe104ef2373a7bddcd3b60a996d5a2fa0f6
14da3aa3057b3bec626322d325fa163928a6e98cd15e0b3cecb768d5ae6d6a0a
1c9438de18148ce0f4e06357692839cd8131002d92070fa3d31b804920bb2e6c
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
3800e69f5fda05c0f651a9449ea8e87db953efebc328966b3b38114c8b7b9fe8
3b701ff65decb720c9db6b7dbba15dcdf6f42276070903b3af87bc2a14082730
4108f443e7b36f72f33f986a5eb3718f4dd5c646eec24cc138e10764731c1b8b
43e9c53afdec1563696a8a523e1ae5e81dcec9d10ce3deb71fe4d5f1bcc65a35
4762f1f0ea9cc5436acaf430bb5283177dff86c5d2f246725650cb8e52175e3d
496ceae901f430ddf36eddd528b0de15bedb0a914debe0b4761521414dee1d5a
4e3bb6949163fa1a5e8873c6ca9ef084aa795a604b111e432b7de4075ab27d01
50762aef9b1cb18bf4a55c4c6b9a7c80627d2b8221673448dbfd1007cdbb1723
5f2c266db7472dea7e65699d55c24c640d766912ed35a22caef10e7e86f8ad37
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c38ec22b195c357fc4a9db3b2c54586b9ef5020d074151053453533db427d94
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8991a1f4a7d9a781528c5c63a9b68ce7d68ad781bec0db8f3811b0e9de8f6f47
a0d732b0e898013bd9cf1145ba16c33f00060afab45a7d9ea7329beb0d25fac6
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a43a3ef1ce8611d443e8bd28ab562387ee89fd6d09dcf1d5493645882b522baa
a95cfe57ba0399e853385ee91c686febf20790fa6a83c32de5bbc64a4def502c
b9dff679ff9931afbbb8019d522a7d03d7787a7d7818037d48f3a502c652e2b6
c35edbcc98bc35da8a5820f21e495d6bca2d08637d6d08985d98b2e9897353eb
c916577c26045d0c6e81eff07f08e29f66e3bfaf1c2c87f37649191a6a542604
ca000bc536e7cf67a59f379ddd1d454e93e23a99183edf903d732d2a27037633
cd0917314aa357b3fff17199ff7c3403b504e01a0941dc797065fa691b70240e
d1cb185f7ae6cd474998395723b69f2b95208715137e5f0c15d78eb224683f0a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f80d5895725644333033e60cdf5e4cf51301d95fd741a6f456ef004526540b
e8c52ed2f526e796a6f5d69997fa718f78e7cf3ec51d763d8dc52b3aa1c6d695
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

onduo.com Open in urlscan Pro 35.241.32.115 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

95 %HTTPS

72 %IPv6

13 Domains

18 Subdomains

16 IPs

4 Countries

2101 kBTransfer

3121 kBSize

17 Cookies

1 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

onduo.com Open in urlscan Pro
35.241.32.115 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

95 %
HTTPS

72 %
IPv6

13
Domains

18
Subdomains

16
IPs

4
Countries

2101 kB
Transfer

3121 kB
Size

17
Cookies

43 HTTP transactions
0 data transactions